EUVD-2022-0083

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in django-photologue up to 3.15.1 allows remote cross site scripting via object.caption

Reporter	Title	Published	Views	Family All 16
FreeBSD	py-django-photologue -- XSS vulnerability	15 Dec 202200:00	–	freebsd
Circl	CVE-2022-4526	16 Dec 202200:23	–	circl
CNNVD	Django-photologue 跨站脚本漏洞	15 Dec 202200:00	–	cnnvd
CVE	CVE-2022-4526	15 Dec 202200:00	–	cve
Cvelist	CVE-2022-4526 django-photologue Default Template photo_detail.html cross site scripting	15 Dec 202200:00	–	cvelist
Tenable Nessus	FreeBSD : py-django-photologue -- XSS vulnerability (c2c89dea-2859-4231-8f3b-012be0d475ff)	31 Aug 202300:00	–	nessus
Github Security Blog	django-photologue vulnerable to Cross-site Scripting	15 Dec 202221:30	–	github
NVD	CVE-2022-4526	15 Dec 202221:15	–	nvd
OSV	GHSA-287Q-JFCP-9VHV django-photologue vulnerable to Cross-site Scripting	15 Dec 202221:30	–	osv
OSV	PYSEC-2022-43061	15 Dec 202221:15	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "dc36a243-80b9-35bd-90d8-49d8185c811a",
        "vendor": {
          "name": "unspecified"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0dda7a4a-d8d9-39db-9c74-a7e8a04235b5",
        "product": {
          "name": "django-photologue"
        },
        "product_version": "3.15.0"
      },
      {
        "id": "cfa0593b-0f3b-39d8-8632-671a04c05563",
        "product": {
          "name": "django-photologue"
        },
        "product_version": "3.15.1"
      }
    ]
  }
]

Source	Link
github	www.github.com/richardbarran/django-photologue/commit/960cb060ce5e2964e6d716ff787c72fc18a371e7
github	www.github.com/richardbarran/django-photologue/issues/223
vuldb	www.vuldb.com/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-4526
github	www.github.com/pypa/advisory-database/tree/main/vulns/django-photologue/PYSEC-2022-43061.yaml

03 Oct 2025 20:07Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.13.5 - 6.1

EPSS0.00392

SSVC